PERFORCE change 22503 for review

Robert Watson rwatson at freebsd.org
Thu Dec 19 04:19:42 GMT 2002 

http://perforce.freebsd.org/chv.cgi?CH=22503

Change 22503 by rwatson at rwatson_paprika on 2002/12/18 20:18:53

	First pass at system call wrappers, man page updates for
	_link_np() variations.

Affected files ...

.. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl.3#2 edit
.. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_delete.3#2 edit
.. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_delete.c#2 edit
.. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_get.3#2 edit
.. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_get.c#2 edit
.. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_set.3#2 edit
.. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_set.c#2 edit
.. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_valid.3#2 edit
.. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_valid.c#2 edit

Differences ...

==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl.3#2 (text+ko) ====

@@ -2,6 +2,8 @@
 .\" Copyright (c) 2000, 2001, 2002 Robert N. M. Watson
 .\" All rights reserved.
 .\"
+.\" This software was developed by Robert Watson for the TrustedBSD Project.
+.\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
 .\" are met:
@@ -25,7 +27,7 @@
 .\"
 .\" $FreeBSD: src/lib/libc/posix1e/acl.3,v 1.19 2002/11/08 15:01:28 rwatson Exp $
 .\"
-.Dd January 28, 2000
+.Dd December 18, 2002
 .Dt ACL 3
 .Os
 .Sh NAME
@@ -82,8 +84,10 @@
 and may be used to create an empty entry in an ACL.
 .It Xo
 .Fn acl_delete_def_file ,
+.Fn acl_delete_def_link_np ,
+.Fn acl_delete_fd_np ,
 .Fn acl_delete_file_np ,
-.Fn acl_delete_fd_np
+.Fn acl_delete_link_np
 .Xc
 These functions are described in
 .Xr acl_delete 3 ,
@@ -114,9 +118,10 @@
 .Xr acl_get_entry 3 ,
 and may be used to retrieve a designated ACL entry from an ACL.
 .It Xo
+.Fn acl_get_fd ,
+.Fn acl_get_fd_np ,
 .Fn acl_get_file ,
-.Fn acl_get_fd ,
-.Fn acl_get_fd_np
+.Fn acl_get_link_np
 .Xc
 These functions are described in
 .Xr acl_get 3 ,
@@ -138,9 +143,10 @@
 .Xr acl_init 3 ,
 and may be used to allocate a fresh (empty) ACL structure.
 .It Xo
+.Fn acl_set_fd ,
+.Fn acl_set_fd_np ,
 .Fn acl_set_file ,
-.Fn acl_set_fd ,
-.Fn acl_set_fd_np
+.Fn acl_set_link_np
 .Xc
 These functions are described in
 .Xr acl_set 3 ,
@@ -163,8 +169,9 @@
 and may be used to generate a text-form of a POSIX.1e semantics ACL.
 .It Xo
 .Fn acl_valid ,
+.Fn acl_valid_fd_np ,
 .Fn acl_valid_file_np ,
-.Fn acl_valid_fd_np
+.Fn acl_valid_link_np
 .Xc
 These functions are described in
 .Xr acl_valid 3 ,

==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_delete.3#2 (text+ko) ====

@@ -1,7 +1,9 @@
 .\"-
-.\" Copyright (c) 2000 Robert N. M. Watson
+.\" Copyright (c) 2000, 2002 Robert N. M. Watson
 .\" All rights reserved.
 .\"
+.\" This software was developed by Robert Watson for the TrustedBSD Project.
+.\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
 .\" are met:
@@ -30,8 +32,10 @@
 .Os
 .Sh NAME
 .Nm acl_delete_def_file ,
+.Nm acl_delete_def_link_np ,
 .Nm acl_delete_fd_np ,
 .Nm acl_delete_file_np
+.Nm acl_delete_link_np
 .Nd delete an ACL from a file
 .Sh LIBRARY
 .Lb libc
@@ -41,21 +45,33 @@
 .Ft int
 .Fn acl_delete_def_file "const char *path_p"
 .Ft int
+.Fn acl_delete_def_link_np "const char *path_p"
+.Ft int
+.Fn acl_delete_fd_np "int filedes" "acl_type_t type"
+.Ft int
 .Fn acl_delete_file_np "const char *path_p" "acl_type_t type"
 .Ft int
-.Fn acl_delete_fd_np "int filedes" "acl_type_t type"
+.Fn acl_delete_link_np "const char *path_p" "acl_type_t type"
 .Sh DESCRIPTION
 The
 .Fn acl_delete_def_file ,
+.Fn acl_delete_def_link_np ,
+.Fn acl_delete_fd_np ,
 .Fn acl_delete_file_np ,
 and
-.Fn acl_delete_fd_np
+.Fn acl_delete_link_np
 each allow the deletion of an ACL from a file.
 .Fn acl_delete_def_file
 is a POSIX.1e call that deletes the default ACL from a file (normally a
-directory) by name; the other two calls are non-portable extensions that
-allow deleting of arbitrary ACL types from a file/directory by either path
-name, or by file descriptor.
+directory) by name; the remainder of the calls are non-portable extensions
+that permit the deletion of arbitrary ACL types from a file/directory
+either by path name or file descriptor.
+The
+.Fn _file
+variations follow a symlink if it occurs in the last segment of the
+path name; the
+.Fn _linke
+variations operate on the symlink itself.
 .Sh IMPLEMENTATION NOTES
 .Fx Ns 's
 support for POSIX.1e interfaces and features is still under
@@ -118,5 +134,3 @@
 and development continues.
 .Sh AUTHORS
 .An Robert N M Watson
-.Sh BUGS
-These features are not yet fully implemented.

==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_delete.c#2 (text+ko) ====

@@ -1,7 +1,9 @@
 /*-
- * Copyright (c) 1999, 2000, 2001 Robert N. M. Watson
+ * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
  * All rights reserved.
  *
+ * This software was developed by Robert Watson for the TrustedBSD Project.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -43,7 +45,13 @@
 	return (__acl_delete_file(path_p, ACL_TYPE_DEFAULT));
 }
 
+int
+acl_delete_def_link_np(const char *path_p)
+{
 
+	return (__acl_delete_link(path_p, ACL_TYPE_DEFAULT));
+}
+
 int
 acl_delete_file_np(const char *path_p, acl_type_t type)
 {
@@ -51,6 +59,13 @@
 	return (__acl_delete_file(path_p, type));
 }
 
+int
+acl_delete_link_np(const char *path_p, acl_type_t type)
+{
+
+	return (__acl_delete_link(path_p, type));
+}
+
 
 int
 acl_delete_fd_np(int filedes, acl_type_t type)

==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_get.3#2 (text+ko) ====

@@ -1,7 +1,9 @@
 .\"-
-.\" Copyright (c) 2000 Robert N. M. Watson
+.\" Copyright (c) 2000, 2002 Robert N. M. Watson
 .\" All rights reserved.
 .\"
+.\" This software was developed by Robert Watson for the TrustedBSD Project.
+.\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
 .\" are met:
@@ -31,7 +33,8 @@
 .Sh NAME
 .Nm acl_get_fd ,
 .Nm acl_get_fd_np ,
-.Nm acl_get_file
+.Nm acl_get_file ,
+.Nm acl_get_link_np
 .Nd get an ACL for a file
 .Sh LIBRARY
 .Lb libc
@@ -39,21 +42,20 @@
 .In sys/types.h
 .In sys/acl.h
 .Ft acl_t
-.Fn acl_get_file "const char *path_p" "acl_type_t type"
-.Ft acl_t
 .Fn acl_get_fd "int fd"
 .Ft acl_t
 .Fn acl_get_fd_np "int fd" "acl_type_t type"
+.Ft acl_t
+.Fn acl_get_file "const char *path_p" "acl_type_t type"
+.Ft acl_t
+.Fn acl_get_link_np "const char *path_p" "acl_type_t type"
 .Sh DESCRIPTION
 The
+.Fn acl_get_fd ,
 .Fn acl_get_file ,
-.Fn acl_get_fd ,
-and
+.Fn acl_get_link_np ,
 .Fn acl_get_fd_np
 each allow the retrieval of an ACL from a file.
-.Fn acl_get_file
-is a POSIX.1e call that allows the retrieval of a
-specified type of ACL from a file by name;
 .Fn acl_get_fd
 is a POSIX.1e call that allows the retrieval of an ACL of type
 ACL_TYPE_ACCESS
@@ -62,8 +64,16 @@
 is a non-portable form of
 .Fn acl_get_fd
 that allows the retrieval of any type of ACL from a file descriptor.
+.Fn acl_get_file
+is a POSIX.1e call that allows the retrieval of a
+specified type of ACL from a file by name;
+.Fn acl_get_link_np
+is a non-portable variation on
+.Fn acl_get_file
+which does not follow a symlink if the target of the call is a
+symlink.
 .Pp
-This function may cause memory to be allocated.  The caller should free
+These functions may cause memory to be allocated.  The caller should free
 any releasable memory, when the new ACL is no longer required, by calling
 .Xr acl_free 3
 with the
@@ -135,5 +145,3 @@
 and development continues.
 .Sh AUTHORS
 .An Robert N M Watson
-.Sh BUGS
-These features are not yet fully implemented.

==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_get.c#2 (text+ko) ====

@@ -1,7 +1,9 @@
 /*-
- * Copyright (c) 1999, 2000, 2001 Robert N. M. Watson
+ * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
  * All rights reserved.
  *
+ * This software was developed by Robert Watson for the TrustedBSD Project.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -24,9 +26,11 @@
  * SUCH DAMAGE.
  */
 /*
- * acl_get_file - syscall wrapper for retrieving ACL by filename
  * acl_get_fd - syscall wrapper for retrieving access ACL by fd
  * acl_get_fd_np - syscall wrapper for retrieving ACL by fd (non-POSIX)
+ * acl_get_file - syscall wrapper for retrieving ACL by filename
+ * acl_get_link_np - syscall wrapper for retrieving ACL by filename (NOFOLLOW)
+ *                   (non-POSIX)
  * acl_get_perm_np() checks if a permission is in the specified
  *                   permset (non-POSIX)
  * acl_get_permset() returns the permission set in the ACL entry
@@ -66,6 +70,25 @@
 }
 
 acl_t
+acl_get_link_np(const char *path_p, acl_type_t type)
+{
+	acl_t	aclp;
+	int	error;
+
+	aclp = acl_init(ACL_MAX_ENTRIES);
+	if (aclp == NULL)
+		return (NULL);
+
+	error = __acl_get_link(path_p, type, &aclp->ats_acl);
+	if (error) {
+		acl_free(aclp);
+		return (NULL);
+	}
+
+	return (aclp);
+}
+
+acl_t
 acl_get_fd(int fd)
 {
 	acl_t	aclp;

==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_set.3#2 (text+ko) ====

@@ -1,7 +1,9 @@
 .\"-
-.\" Copyright (c) 2000 Robert N. M. Watson
+.\" Copyright (c) 2000, 2002 Robert N. M. Watson
 .\" All rights reserved.
 .\"
+.\" This software was developed by Robert Watson for the TrustedBSD Project.
+.\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
 .\" are met:
@@ -31,7 +33,8 @@
 .Sh NAME
 .Nm acl_set_fd ,
 .Nm acl_set_fd_np ,
-.Nm acl_set_file
+.Nm acl_set_file ,
+.Nm acl_set_link_np
 .Nd set an ACL for a file
 .Sh LIBRARY
 .Lb libc
@@ -39,29 +42,36 @@
 .In sys/types.h
 .In sys/acl.h
 .Ft int
-.Fn acl_set_file "const char *path_p" "acl_type_t type" "acl_t acl"
-.Ft int
 .Fn acl_set_fd "int fd" "acl_t acl"
 .Ft int
 .Fn acl_set_fd_np "int fd" "acl_t acl" "acl_type_t type"
+.Ft int
+.Fn acl_set_file "const char *path_p" "acl_type_t type" "acl_t acl"
+.Ft int
+.Fn acl_set_link_np "const char *path_p" "acl_type_t type" "acl_t acl"
 .Sh DESCRIPTION
 The
+.Fn acl_set_fd ,
+.Fn acl_set_fd_np ,
 .Fn acl_set_file ,
-.Fn acl_set_fd ,
 and
-.Fn acl_set_fd_np
+.Fn acl_set_link_np ,
 each associate an ACL with an object referred to by
 .Va fd
 or
 .Va path_p .
-All except
 .Fn acl_set_fd_np
-are POSIX.1e calls--
+and
+.Fn acl_set_link_np
+are not POSIX.1e calls.
 .Fn acl_set_fd
 allows only the setting of ACLs of type ACL_TYPE_ACCESS
 where as
 .Fn acl_set_fd_np
 allows the setting of ACLs of any type.
+.Fn acl_set_link_np
+acts on a symlink rather than its target, if the target of the
+path is a symlink.
 .Sh IMPLEMENTATION NOTES
 .Fx Ns 's
 support for POSIX.1e interfaces and features is still under
@@ -125,5 +135,3 @@
 and development continues.
 .Sh AUTHORS
 .An Robert N M Watson
-.Sh BUGS
-These features are not yet fully implemented.

==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_set.c#2 (text+ko) ====

@@ -1,7 +1,9 @@
 /*-
- * Copyright (c) 1999, 2000, 2001 Robert N. M. Watson
+ * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
  * All rights reserved.
  *
+ * This software was developed by Robert Watson for the TrustedBSD Project.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -70,6 +72,28 @@
 }
 
 int
+acl_set_link_np(const char *path_p, acl_type_t type, acl_t acl)
+{
+	int	error;
+
+	if (acl == NULL || path_p == NULL) {
+		errno = EINVAL;
+		return (-1);
+	}
+	if (_posix1e_acl(acl, type)) {
+		error = _posix1e_acl_sort(acl);
+		if (error) {
+			errno = error;
+			return (-1);
+		}
+	}
+
+	acl->ats_cur_entry = 0;
+
+	return (__acl_set_link(path_p, type, &acl->ats_acl));
+}
+
+int
 acl_set_fd(int fd, acl_t acl)
 {
 	int	error;

==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_valid.3#2 (text+ko) ====

@@ -1,7 +1,9 @@
 .\"-
-.\" Copyright (c) 2000 Robert N. M. Watson
+.\" Copyright (c) 2000, 2002 Robert N. M. Watson
 .\" All rights reserved.
 .\"
+.\" This software was developed by Robert Watson for the TrustedBSD Project.
+.\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
 .\" are met:
@@ -31,7 +33,8 @@
 .Sh NAME
 .Nm acl_valid ,
 .Nm acl_valid_fd_np ,
-.Nm acl_valid_file_np
+.Nm acl_valid_file_np ,
+.Nm acl_valid_link_np
 .Nd validate an ACL
 .Sh LIBRARY
 .Lb libc
@@ -44,6 +47,8 @@
 .Fn acl_valid_fd_np "int fd" "acl_type_t type" "acl_t acl"
 .Ft int
 .Fn acl_valid_file_np "const char *path_p" "acl_type_t type" "acl_t acl"
+.Ft int
+.Fn acl_valid_link_np "const char *path_p" "acl_type_t type" "acl_t acl"
 .Sh DESCRIPTION
 These functions check that the ACL referred to by the argument
 .Va acl
@@ -51,13 +56,20 @@
 .Fn acl_valid ,
 checks this validity only with POSIX.1e ACL semantics, and irrespective
 of the context in which the ACL is to be used.  The non-portable forms,
-.Fn acl_valid_fd_np
+.Fn acl_valid_fd_np ,
+.Fn acl_valid_file_np ,
 and
-.Fn acl_valid_file_np ,
+.Fn acl_valid_link_np
 allow an ACL to be checked in the context of a specific acl type,
 .Va type ,
-and file system object.  In environments where additional ACL types are
+and file system object.
+In environments where additional ACL types are
 supported than just POSIX.1e, this makes more sense.
+Whereas
+.Fn acl_valid_file_np
+will follow the symlink if the specified path is to a symlink,
+.Fn acl_valid_link_np
+will not.
 .Pp
 For POSIX.1e semantics, the checks include:
 .Bd -literal -offset indent
@@ -140,5 +152,3 @@
 and development continues.
 .Sh AUTHORS
 .An Robert N M Watson
-.Sh BUGS
-These features are not yet fully implemented.

==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_valid.c#2 (text+ko) ====

@@ -1,7 +1,9 @@
 /*-
- * Copyright (c) 1999, 2000, 20001 Robert N. M. Watson
+ * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
  * All rights reserved.
  *
+ * This software was developed by Robert Watson for the TrustedBSD Project.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -70,7 +72,6 @@
 	}
 }
 
-
 int
 acl_valid_file_np(const char *pathp, acl_type_t type, acl_t acl)
 {
@@ -91,6 +92,25 @@
 	return (__acl_aclcheck_file(pathp, type, &acl->ats_acl));
 }
 
+int
+acl_valid_link_np(const char *pathp, acl_type_t type, acl_t acl)
+{
+	int	error;
+
+	if (pathp == NULL || acl == NULL) {
+		errno = EINVAL;
+		return (-1);
+	}
+	if (_posix1e_acl(acl, type)) {
+		error = _posix1e_acl_sort(acl);
+		if (error) {
+			errno = error;
+			return (-1);
+		}
+	}
+
+	return (__acl_aclcheck_link(pathp, type, &acl->ats_acl));
+}
 
 int
 acl_valid_fd_np(int fd, acl_type_t type, acl_t acl)
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list